Any Reports on Effectiveness of HIPS in PCTools Firewall

I am repairing/building a PC today and haven't decided on the security package. I have tried most applications and read a lot about most but I haven't run into much about the HIPS in PCTools Firewall Plus. Any information or links would be appreciated.

I would also be interested in knowing if the PrivateFirewall/HIPS combination is as light and effective as the PCTools Firewall Plus.

 

Private FW is much lighter, but PC Tools has 100% in Matousecs test which tests HIPs detection where as Private FW does not. Private FW rumors of HIPs not working in x64, but it did for me on Win7x64 Pro.

 

obviously diff on diff systems (eg. mine) but i dont know of any dedicated articles about it, maybe someone with more info will post.

 

I have heard it joked that Matousec's test should be renamed "HIPS Challenge" so if that's the case, they must be okay. I used PCTools FW before I went to Comodo and I liked it alright. It was quiet and I like a bit more feedback.

 

Don't "think" it is a rumor on hips with PFW and W7 64bit. I installed it the other day just to check it and never did get a single popup. Don't know why...

 

hips in pc tools is the "enhanced security verfication".so you have to enable it to see popup.

 

You already asked that..
https://www.wilderssecurity.com/showthread.php?t=267258

 

Thank you all for you input. I didn't really find out much about the PCTools Firewall HIPS and so I was not really sold on using it. I decided to go ahead and give PrivateFirewall a try. It has many users who are sold on it and its HIPS appears to work well.

 

PCTools has an excellent HIPS. It also runs lite. Private firewall runs lighter yet. It has a huge memory leak that has existed for an awfully long time I do not notice that it has any Hips at all. When it does alert the alerts are so confusing that you don't know what to do. I am not sure its an effective firewall. Combinng PC Tools firewall with threatfire an effective Antivirus in my opinion is a much better idea.

 

I Sandbox everything I run so I'm not really that concerned about security, but I do appreciate the input. I can always change my protection. I use ZSoft Uninstaller so I expect that most uninstalls would be troublefree.

 

As far as know PC Tools Firewall Plus doesn't have a HIPS built in, even if it warns when some programs are trying to made system changes or are acting like keyloggers.
I can be wrong of course

The HIPS developed by PC Tools is ThreatFire™, even if they states it is an antivirus it doesn't work like a traditional antivirus.
ThreatFire™ can scan for rootkits either way.

 

PC Tools FW Plus has HIPs. Thats why it scores 100% in Matousecs "Proactive" tests.

 

PCT FW HIPS is called Enhanced Security Verification and u can see it in the options (not sure if its enabled by default)

 

Thank you

Glad to know it,
since I use PC Tools Personal Plus v 6.0.0.88.
However I could'nt find any explicit mention of an HIPS here...


I have always thought that a HIPS is mainly a behavioral protection, very effective against zero-day exploits/malware

So, can someone tell me what PC Tools ThreatFire is?

[EDIT to add] I've found by myself the answer: ThreatFire is a behavioral blocker, quite different from a Host based Intrusion Detection System

Yes I'm aware of Enhanced Security Verification, and I enabled it on my Windows XP/Vista/7 32 bit machines (it is not available on Windows Vista/7 64 bit).

Thank you again

 

well not mainly, but it does include that. HIPS can be several things, a behavior blocker is a type of HIPS, the HIPS most people think of tho is the Classical HIPS (which alerts basically to everything u do)

 

The fabled test by Matousic was a firewall test & not a HIPS. Unfortunately if a firewall does not have great HIPS there are any number of ways for malware to breach it. Adding HIPS allows firewalls to ask you if you want to allow an event. Threatfire is a behavior analyzer that looks at what is going on & if some application suddenly acts lilke its doing virus type activity it asks what you want to do. The two are in fact similar but threatfire asks fewer questions

 

Thank you Woody777 and Firzen771 for your replies.

Now I've got my ideas straight

 

The Matousec test was labeled as a firewall test, but it is infact a test of a firewalls ability for HIPs detections. If your FW doesnt have HIPs or has a bad HIPs it doesnt do well.